Introduction to the GDPR

The EU General Data Protection Regulation (GDPR) is designed to harmonize data privacy laws across Europe, to protect and empower the data privacy of all EU citizens and to reshape the way organizations across the region approach data privacy.

What is GDPR?

The GDPR is a new law that aims to give EU citizens more control over their data by regulating how businesses process personal data. In other words, GDPR governs anything businesses can do with personal data which includes viewing, storing, changing, transferring and even deleting personal data. Under GDPR, personal data is defined as any information related to a natural person (or "data subject") that can be used to directly or indirectly identify them. This includes information such as names, addresses, email addresses and phone numbers.

Who is affected by GDPR?

Lightspeed eCom merchants established in the European Union and/or who process personal data from customers residing in the European Union.

Required actions & managing GDPR requests

Lightspeed is committed to assisting you to become GDPR compliant. Read the following 2 articles to aid you in your GDPR preparedness:

We recommend using the ICO (Information Commissioner's Office) website as a reference for GDPR. To visit their website, click here.

Your rights as a Lightspeed customer

Your personal data lives in our internal Lightspeed systems (e.g. your contact information in our sales software). As modifications to this personal data is not publicly available, you can submit your requests to our Support team to exercise your rights under the GDPR.

For example, you want to know what personal data we store in our internal systems at Lightspeed.

Modify inaccurate personal information.

For example, you want to change the email address we have for you on file.

Object to processing your personal information.

For example, you want to be removed from our marketing campaigns.

Delete your personal information.

For example, you have sold your business and would like to delete your personal information from our internal systems at Lightspeed.

Receive a Data Protection Agreement (DPA).

For example, you are established in the European Union (EU) or you have customers base in the EU and you haven't received the DPA in your email yet. You want to sign the agreement to ensure that you're compliant with the GDPR.

To make a request:

In the top right-hand corner of the Lightspeed Help Center, click Submit a request.

From the drop-down, select GDPR Request.

Enter your email address and name. Enter your phone number and the subject of your request.

From the drop-down, select a GDPR request type if you are requesting:

To receive a copy of all of your personal information we have, select Information and access request.